Yubico Forum
https://forum.yubico.com/

Problems with BAD_SIGNATURE
https://forum.yubico.com/viewtopic.php?f=3&t=118		 Page 1 of 1
Author:  Jester [ Wed Jun 25, 2008 2:00 pm ]
Post subject:  Problems with BAD_SIGNATURE
I am having problems implementing the signature checking in C#. I have used the Microsoft MSDN hmac SHA1 example to encode the parameters with no luck. All I get is the dreaded BAD_SIGNATURE.

Any ideas?

_authid and otp was populated correctly and without the &h... it works STATUS=OK
Code:
            String sParams = "id=" + _authId + "&otp=" + otp;
            String sAPIKeyUtf8 = base64Decode(APIKEY);
            String shmac;

            HMACSHA1 hmacsha1 = new HMACSHA1();
            hmacsha1.Key = Encoding.ASCII.GetBytes(sAPIKeyUtf8);
            byte[] dataBuffer = System.Text.Encoding.ASCII.GetBytes(sParams);
            byte[] hashBytes = hmacsha1.ComputeHash(dataBuffer);
            shmac = Convert.ToBase64String(hashBytes);

            HttpWebRequest request = (HttpWebRequest)WebRequest.Create(YUBICO_AUTH_SRV_URL + _authId + "&otp=" + otp + "&h=" + shmac);
Author:  Jester [ Wed Jun 25, 2008 6:36 pm ]
Post subject:  Re: Problems with BAD_SIGNATURE
Got this working now ... why are (almost) all the most infuriating problems the easiest solutions :oops: :

Code:
byte[] dataBuffer = System.Text.Encoding.ASCII.GetBytes(sParams);


should read:

Code:
byte[] dataBuffer = System.Text.Encoding.UTF8.GetBytes(sParams);



8-)
Page 1 of 1 All times are UTC + 1 hour
Powered by phpBB® Forum Software © phpBB Group
https://www.phpbb.com/